CVE-2017-15275 samba: Server heap-memory disclosure

CVE ID

CVE-2017-15275

DESCRIPTION

A memory disclosure flaw was found in samba. An attacker could retrieve parts
of server memory, which could contain potentially sensitive data, by sending
specially-crafted requests to the samba server.

CVSS3 Base Score    4.3
Impact: Moderate 

RESOLUTION

Resolution:
The Red Hat security article does not point to a samba-3.x fix for EL6.
As per upstream samba advisory:  "There is no known vulnerability associated with this error."

This may be resolved in samba-3.6.23-43.el6_9.x86_64 and later.
Apply Unitrends security update v10.29 from 07/27/2018 or later, containing samba-3.6.23-45.el6_9.x86_64.

LINK TO ADVISORIES

Have more questions?

Contact us

Was this article helpful?
0 out of 0 found this helpful

Provide feedback for the Documentation team!

Browse this section